backup/EWF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,461 Commits 23 Branches 50 Tags
bd5aba3db60e979cdd7e070f8010895870bbe99e
Commit Graph

1261 Commits

Author SHA1 Message Date
Jocelyn Fiat
bd5aba3db6 Updated Windows DOS script to build the libfcgi binary lib files. 2018-05-30 17:30:05 +02:00
Jocelyn Fiat
d43c4edb7d Updated the default rescue response (i.e when exception or bad internal error occurs). 
Factorized the implementation in WGI_RESCUE_EXECUTION, and now by redefining the `WGI_EXECUTION.execute_rescue (...)` procedure, it is possible to have a custom response on such rescued execution.
 2018-05-30 17:28:24 +02:00
Jocelyn Fiat
9cdd676417 Fixed HTTP_HEADER.put_raw_header (..) by ignoring any empty line of the argument value. 
(note: "%R" is considered as empty line here.)
 2018-05-30 17:25:04 +02:00
Jocelyn Fiat
cb273c3176 Updated to compile with upcoming EiffelStudio 18.05 (with and without ssl). 2018-05-28 17:21:11 +02:00
Jocelyn Fiat
7ed1e815b0 Updated to compile with upcoming EiffelStudio 18.05 . 2018-05-28 16:11:24 +02:00
Jocelyn Fiat
8e8c3602c6 Allow (websocket) upgrade even without persistent connection for normal http request. 
(note: this allows to use websocket in single-threaded mode, and avoid the keep-alive-timeout delay before websocket begins its execution)
 2018-02-13 18:39:47 +01:00
Jocelyn Fiat
ffd7dd8540 Improved WSF download response implementation. 
- Do not set Transfer-Encoding to binary for download response.
- Use WSF_RESPONSE.put_file_content (...)
 2018-02-05 21:02:23 +01:00
Jocelyn Fiat
947c94644e Apply win32 workaround only on Windows 32bits. 2018-02-02 22:43:50 +01:00
Jocelyn Fiat
6a779797a5 Removed a few obsolete calls. 
Updated tests/all.ecf to include a few missing libraries.
 2018-02-02 22:40:18 +01:00
Jocelyn Fiat
74001fe674 Properly JSON encode null character as \u0000 . 2018-01-29 22:13:03 +01:00
Jocelyn Fiat
e9292b3eac Reverted last change as error_message on curl is not available for 17.05. 2017-12-01 12:05:01 +01:00
Jocelyn Fiat
30625d460f Added curl error message to the response error message (in addition to just the curl error code). 2017-11-30 20:08:58 +01:00
Jocelyn Fiat
7d738a164d Added missing comments. 2017-11-30 14:54:46 +01:00
Jocelyn Fiat
1037256ea6 Refactored using an abstraction WSF_PROTECTION. 
This protection could be implemented with a regular expression,
    or using another solution (as manual parsing).
  Also, when a protection detects an issue, instead of returning empty string,
    it returns Void. If the value is a multiple string value, if an item is detected for an issue,
    the returned multiple string value is now Void.
  This abstraction will allow to return either Void, or a "corrected" value,
    for instance the string value, without the detected "<script..>..</script>" text.
  TODO: improve the WSF_PROTECTION_REGEXP to allow replacement strategy.
 2017-11-27 15:44:19 +01:00
Jocelyn Fiat
4d79bba04b Merge branch 'ewf_xss' 2017-11-23 11:50:47 +01:00
jvelilla
5de024923e Updated xss support. 
Added a new library wsf_security.
Updated test cases to cover protections policy.
Added a simple filter using an XSS implementation with WSF_XSS_REQUEST, but
it's possible to build custom filters and request using different protection patterns.
 2017-11-22 17:22:02 -03:00
jvelilla
8b90241986 Moved XSS protection to WSF_EXTENSION. 
Updated code to protect meta_variables.
Fixed typos.
Updated ecf's to use 1-16-0.
 2017-11-13 15:06:02 -03:00
Jocelyn Fiat
603bedf71d Reverted change that made WSF_URI_FILTER_HANDLER and WSF_URI_TEMPLATE_FILTER_HANDLER inheriting from WSF_EXECUTE_FILTER_HANDLER as it breaks existing projects using EiffelWeb. 2017-11-13 18:58:29 +01:00
Jocelyn Fiat
e83f5654d8 Updated NOTIFICATION_SMTP_MAILER to follow the EiffelNet EMAIL design. 2017-11-13 12:29:16 +01:00
jvelilla
25446cac12 Initial import WSF XSS protection. 
Added an utility class to get safe query and form parameters.
Added a new WSF_XSS_REQUEST to use safe parameters.
Added a filter WSF_XSS_FILTER using WSF_XSS_REQUEST.
Added test cases

Signed-off-by: jvelilla <javier.hector@gmail.com>
 2017-11-10 10:37:32 -03:00
Jocelyn Fiat
830adbe10c Fixed response handlers compilation. 2017-11-07 23:52:42 +01:00
Jocelyn Fiat
6ca3cca88b Reverted change that made WSF_URI_HANDLER and WSF_URI_TEMPLATE_HANDLER inheriting from WSF_EXECUTE_HANDLER, as it breaks existing project using EiffelWeb. 2017-11-07 23:05:22 +01:00
Jocelyn Fiat
f91a676f41 fixed obsolete v0 wsf_extension ecf file. 2017-11-04 22:44:27 +01:00
Jocelyn Fiat
1c75e11e34 removed unused local variable. 2017-11-03 18:54:46 +01:00
Jocelyn Fiat
211fc425a3 Added handler to add support for CGI scripts. 
Added a new tool `httpd` which is a basic httpd server product (with file server and CGI handler).
 2017-11-03 18:00:39 +01:00
Jocelyn Fiat
95cebe26bb Added routing condition mapping. 
Added WSF_EXECUTE_HANDLER as common ancestor for handler with `execute (WSF_REQUEST, WSF_RESPONSE) ..` routine.
Made more flexible a few routine by accepting ITERABLE instead of ARRAY, and READABLE_STRING_GENERAL when possible.
 2017-11-03 17:59:10 +01:00
Jocelyn Fiat
f770c236d5 Improved support for absolute url passed tp HTTP_REQUEST_SESSION . 2017-10-27 19:24:52 +02:00
Jocelyn Fiat
39f01e95fd Use single ecf file. 2017-10-26 10:19:56 +02:00
Jocelyn Fiat
c725159d7e Merge branch 'master' into with_compression 2017-10-26 10:13:27 +02:00
Jocelyn Fiat
e834b2b360 Added on_timer callback event so that server can check regularly external state. 
This is a basic solution to implement a way to check for time to time for events to notify websocket clients.
 2017-10-24 17:43:06 +02:00
Jocelyn Fiat
db39068ceb Updated documentation for standalone connector. 
Changed `default_max_keep_alive_requests` from 100 to 300.
 2017-10-19 00:14:23 +02:00
Jocelyn Fiat
74121be470 Support persistent connection, even in single thread mode (i.e concurrency=none). 
Warning: as there is no concurrent request handling in single threaded mode,
            it is recommended to either set the keep_alive_timeout to a small value,
            or disable persistent connection by setting max_keep_alive_requests to 0.
Change the default keep_alive_timeout from 15 to 5 seconds.
Accept -1 as value of max_keep_alive_requests to have unlimited number of request in the same persistent connection.
 2017-10-18 23:29:16 +02:00
Jocelyn Fiat
edec837c4e Made interface of wsf forms and widgets a bit more flexible by accepting READABLE_STRING_GENERAL. 2017-10-17 14:34:50 +02:00
Jocelyn Fiat
f1642a444a Improved support of absolute/relative https:// and http:// in http_client. 2017-10-17 14:30:44 +02:00
Jocelyn Fiat
48af63af83 Fixed typo to process relative or absolute url. 2017-10-09 14:23:45 +02:00
Jocelyn Fiat
2f98d7031f Updated a few package.iron files. 2017-10-06 14:06:46 +02:00
Jocelyn Fiat
9b97627c76 Update package.iron files. 2017-10-06 10:27:32 +02:00
Jocelyn Fiat
72c87cd74d Fixed curl implementation by setting Content-Type to x-www-form-urlencoded (if not set) when POST send data as x-www-form-urlencoded. 2017-10-06 10:24:48 +02:00
Jocelyn Fiat
2ed4d03168 Renamed ciphers_settings as ciphers_setting . 2017-10-06 09:34:08 +02:00
Jocelyn Fiat
18ed92a61d Moved to unique .ecf from ecf version 1-16-0 . 
Requires 17.05 or newer.
 2017-10-06 09:02:10 +02:00
Jocelyn Fiat
0a6a4281e7 Merge branch 'master' into es17.05 2017-10-06 08:18:50 +02:00
Jocelyn Fiat
38cf5d7a6f Updated requirements, now EiffelWeb requires 17.05 or newer. 
Improved support for future 17.11 version with new openssl library.
 2017-10-05 22:07:05 +02:00
Javier Velilla
6f35ad7b16 Merge pull request #181 from jvelilla/ewf_http_client 
Update HTTP Client cURL implementation:
 2017-09-25 11:05:45 -03:00
jvelilla
85c8a46c89 Update Readme.md with a note about ciphers implementation. 2017-09-21 08:07:11 -03:00
Jocelyn Fiat
498e4a6ec2 Fixed validation of iss and aud when issuer and audience are not set. 2017-09-21 10:46:08 +02:00
Jocelyn Fiat
ab507d543a Now HTTP_AUTHORIZATION acceps READABLE_STRING_GENERAL for username and password argument. 2017-09-21 10:45:40 +02:00
Jocelyn Fiat
20a90db2e3 If url is relative, use session.url (...) to get valid url. 
It could happen with relative url in `Location: ...` header (for redirection).
 2017-09-21 10:45:08 +02:00
Jocelyn Fiat
97fe16b4c2 Code cleaning. 2017-09-21 10:26:29 +02:00
jvelilla
6ed91699b8 Renamed feature 'set_ciphers' to 'set_ciphers_settings' and added description. 2017-09-19 10:32:17 -03:00
jvelilla
bb334aef80 Updated HTTP client cURL implementation. 
Refactor rename cipher_list by ciphers_settings and description.
Updated ciphers_settings representation to STIRNG_8
Refactor rename set_cipher_list by set_ciphers.
 2017-09-14 11:58:43 -03:00